2015-12-30 47 views
3

Creating ssh keys on a remote host using Ansible fails

I am using Ansible to create ssh keys on remote hosts. The playbook code is below:

- name: Test playbook
  hosts: all
  remote_user: admin
  tasks:
    - name: Create ssh keys
      expect:
        command: ssh-keygen -t rsa
        echo: yes
        timeout: 5
        responses:
          "file": "" ## Enter file in which to save the key (/home/admin/.ssh/id_rsa)
          "Overwrite": "n" ## Overwrite (y/n)?
          "passphrase": "" ## Enter passphrase (empty for no passphrase)

However, I get the following error:

fatal: [10.1.1.1]: FAILED! => {"changed": true, "cmd": "ssh-keygen -t rsa", "delta": "0:00:00.301769", "end": "2015-12-30 09:56:29.465815", "failed": true, "invocation": {"module_args": {"chdir": null, "command": "ssh-keygen -t rsa", "creates": null, "echo": true, "removes": null, "responses": {"Overwrite": "n", "file": "", "passphrase": ""}, "timeout": 5}, "module_name": "expect"}, "rc": 1, "start": "2015-12-30 09:56:29.164046", "stdout": "Generating public/private rsa key pair.\r\nEnter file in which to save the key (/home/admin/.ssh/id_rsa): \r\n/home/admin/.ssh/id_rsa already exists.\r\nOverwrite (y/n)? n", "stdout_lines": ["Generating public/private rsa key pair.", "Enter file in which to save the key (/home/admin/.ssh/id_rsa): ", "/home/admin/.ssh/id_rsa already exists.", "Overwrite (y/n)? n"]}

This does work fine when "Overwrite" is mapped to "y".

Answers

1

This does work fine when "Overwrite" is mapped to "y".

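If that is the case, then it sounds like your task is working correctly. ssh-keygen only prompts to overwrite the file if it already exists, and your response to "Overwrite" in the task is "n". If you tell ssh-keygen not to overwrite the file, it exits immediately with a non-zero return code, which Ansible interprets as an error.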

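If you only want this task to run when the key does not exist (to create a new key, but not overwrite an existing one), then you probably want to add the following to your task: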

creates: /home/admin/.ssh/id_rsa 

The creates modifier prevents the task from running if the specified file already exists.

+0

Worked! Thanks – hipster
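The answer's fix applied to the whole playbook, as an added example that is not part of the original question or answer. The user, host pattern and key path come from the question; the two verification tasks at the end are an addition that assumes the default 0600 mode ssh-keygen gives a private key.

```yaml
- name: Test playbook
  hosts: all
  remote_user: admin
  tasks:
    - name: Create ssh keys only when no key exists yet
      expect:
        command: ssh-keygen -t rsa
        # creates is an argument of the expect module, so it sits at this level.
        # If the file exists the task is skipped and ssh-keygen never starts,
        # so the "Overwrite" response from the question is no longer needed.
        creates: /home/admin/.ssh/id_rsa
        echo: yes
        timeout: 5
        responses:
          "file": ""        # accept the default path
          "passphrase": ""  # empty passphrase as in the question: key is stored unencrypted

    # Added checks (not in the original): confirm the key is present and private.
    - name: Read the private key's file metadata
      stat:
        path: /home/admin/.ssh/id_rsa
      register: key_stat

    - name: Fail if the private key is missing or readable by group or others
      assert:
        that:
          - key_stat.stat.exists
          - key_stat.stat.mode == '0600'
```

On a second run the first task reports "skipped" instead of failing with rc 1, and the checks still run against the existing key.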
